I would like to request these for firewall section "Additional filters to proxy, Java applet, ActiveX, cookies, port scans and P2P (blocks BitTorrent, Kazaa, WinMX, eDonkey, DC and Gnucleus) and not to respnd any WAN request"...
Because I noticed a lot of intruders, port scan and Dos Attacks in our area. May be they are smarter...so I suggest for everyone to have these in security firewall. Can you add on ver029? I don't mind test for you..

one more addition should have under reset. Can you add normal factory default and clear NVRAM and reset factory default?...because I noticed a lot of users use reset button and clear NVram...in long run, the botton becomes loose contact or non-contact, etc...this is based on my friends feedback...when they tried tomato and thibor, they can do it from GUI itself and easier for them...

Tarifa b027 is patched agains these dos attacks, ip_conntrack did not close some type of connections (and are left open), this due to unreplied packets in the SPI-firewall.

The SPI-firewall should block all traffic (except http,dns,ftp...), only traffic opened by the Upnp should be allowed.
Or did you mean that all the traffic done by use of a Proxy server (secure or unsecure)?

Clearing NVRAM is done by Restore Factory Defaults, this clears the NVRAM completely and after reboot installs the default broadcom CFE-settings.
This is (=should be) the same as pushing the reset button for 30 secs at startup.
What do you need more?

yes. SPI-firewall should block all traffic except common services (as per normal SPI rules), WAN to LAN all traffic block, but LAN to WAN only allow common services and UPNP. For proxy server, I am not sure is it difficult to add or modify?

This should be OK if factory default can clear NVRAM. From my personal experience, these features should be nough for this router. May be others can give suggestion?